Network Security: Detailed info on Re: snort signature analysis tools

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-IDS

[Top] [All Lists]

Re: snort signature analysis tools

from [Jose Nazario] Network Security

[Permanent Link]

Subject:	Re: snort signature analysis tools
Date:	Tue, 18 Jan 2005 18:38:16 -0500 (EST)

On Tue, 18 Jan 2005, Chris Green wrote:

It's non-trivial to write such an application but I think it would make
a really good project for a Comp Sci person since being able to group
the rules into overlaps would be right on the boundary of IDS
performance grouping without the need for expensive testing hardware.


as you might expect, this has already been done:

        http://compilers.iecc.com/comparch/article/98-08-060
        http://www.cs.ucsd.edu/groups/tatami/bobj/rexp.html

etc ...

________
jose nazario, ph.d.                     jose@monkey.org
http://monkey.org/~jose/                http://infosecdaily.net/

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
snort signature analysis tools, Scott Kelly Re: snort signature analysis tools, Martin Roesch RE: snort signature analysis tools, Scott Kelly Re: snort signature analysis tools, Martin Roesch RE: snort signature analysis tools, Hazel, Scott A. Re: snort signature analysis tools, Chris Green Re: snort signature analysis tools, Jose Nazario <=

Previous by Date:	RE: Specification-based Anomaly Detection, Kohlenberg, Toby
Next by Date:	RE: IDS: Snort detecting distributed syn floods, THolman
Previous by Thread:	Re: snort signature analysis tools, Chris Green
Next by Thread:	Re: Local Mirror Prevention with IDS, Frank Knobbe
Indexes:	[Date] [Thread] [Top] [All Lists]